refactor(esptool_py): Removed global scope variables from esptool_py project_include.cmake

sudeep-mohanty · sudeep-mohanty · commit b6ea668e6e95 · 2025-07-10T11:26:28.000+02:00
This commit global variables such as ESPTOOLPY, ESPSECUREPY, ESPEFUSEPY,
ESPMONITOR and ESPTOOLPY_CHIP from the project_include.cmake file of
esptool_py component. All other components which use these variables
have been updated to fetch the same from esptool_py component's
properties.
diff --git a/components/bootloader_support/CMakeLists.txt b/components/bootloader_support/CMakeLists.txt
@@ -153,6 +153,7 @@ if(NOT BOOTLOADER_BUILD)
 endif()
 
 if(CONFIG_SECURE_SIGNED_APPS AND (CONFIG_SECURE_BOOT_V1_ENABLED OR CONFIG_SECURE_SIGNED_APPS_ECDSA_SCHEME))
+    idf_component_get_property(espsecure_py_cmd esptool_py ESPSECUREPY_CMD)
     if(BOOTLOADER_BUILD)
         # Whether CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES or not, we need verification key to embed
         # in the library.
@@ -165,7 +166,7 @@ if(CONFIG_SECURE_SIGNED_APPS AND (CONFIG_SECURE_BOOT_V1_ENABLED OR CONFIG_SECURE
                 "signature_verification_key.bin"
                 ABSOLUTE BASE_DIR "${CMAKE_CURRENT_BINARY_DIR}")
             add_custom_command(OUTPUT "${secure_boot_verification_key}"
-                COMMAND ${ESPSECUREPY}
+                COMMAND ${espsecure_py_cmd}
                 extract_public_key --keyfile "${secure_boot_signing_key}"
                 "${secure_boot_verification_key}"
                 DEPENDS ${secure_boot_signing_key}
@@ -193,7 +194,7 @@ if(CONFIG_SECURE_SIGNED_APPS AND (CONFIG_SECURE_BOOT_V1_ENABLED OR CONFIG_SECURE
                 ABSOLUTE BASE_DIR "${project_dir}")
 
             add_custom_command(OUTPUT "${secure_boot_verification_key}"
-                COMMAND ${ESPSECUREPY}
+                COMMAND ${espsecure_py_cmd}
                 extract_public_key --keyfile "${secure_boot_signing_key}"
                 "${secure_boot_verification_key}"
                 WORKING_DIRECTORY ${project_dir}
diff --git a/components/esptool_py/espefuse.cmake b/components/esptool_py/espefuse.cmake
@@ -2,6 +2,18 @@ cmake_minimum_required(VERSION 3.16)
 
 # Executes a espefuse.py command and returns a cleaned log
 function(espefuse_cmd cmd output_log)
+    # espefuse_cmd can be called from a project's CMakeLists.txt file, which
+    # can invoke this function in CMake scripting mode (-P). If that is the case,
+    # we do not have access to convenience functions like idf_component_get_property.
+    # In scripting mode, the path to espefuse.py must be passed in via the
+    # 'ESPEFUSEPY' variable using the -D flag.
+    #
+    # When called during the normal build configuration phase, 'ESPEFUSEPY' is not
+    # defined as a variable, and we must fetch it from the esptool_py component's
+    # properties.
+    if(NOT DEFINED ESPEFUSEPY)
+        idf_component_get_property(ESPEFUSEPY esptool_py ESPEFUSEPY_CMD)
+    endif()
     set(SERIAL_TOOL ${ESPEFUSEPY})
     if(${ESPEFUSEPY_OFFLINE})
         set(VIRT_OPTION "--virt")
diff --git a/components/esptool_py/project_include.cmake b/components/esptool_py/project_include.cmake
@@ -1,20 +1,5 @@
 # esptool_py component project_include.cmake
 
-# Many of these are read when generating flash_app_args & flash_project_args
-idf_build_get_property(target IDF_TARGET)
-idf_build_get_property(python PYTHON)
-idf_build_get_property(idf_path IDF_PATH)
-
-idf_build_get_property(non_os_build NON_OS_BUILD)
-
-set(chip_model ${target})
-
-set(ESPTOOLPY ${python} "$ENV{ESPTOOL_WRAPPER}" "${CMAKE_CURRENT_LIST_DIR}/esptool/esptool.py" --chip ${chip_model})
-set(ESPSECUREPY ${python} "${CMAKE_CURRENT_LIST_DIR}/esptool/espsecure.py")
-set(ESPEFUSEPY ${python} "${CMAKE_CURRENT_LIST_DIR}/esptool/espefuse.py")
-set(ESPMONITOR ${python} -m esp_idf_monitor)
-set(ESPTOOLPY_CHIP "${chip_model}")
-
 # esptool_py_partition_needs_encryption
 #
 # @brief Determine if a partition needs to be encrypted when flash encryption is enabled.
diff --git a/components/partition_table/CMakeLists.txt b/components/partition_table/CMakeLists.txt
@@ -139,18 +139,19 @@ endif()
 
 # Add signing steps
 if(CONFIG_SECURE_SIGNED_APPS_ECDSA_SCHEME)
+    idf_component_get_property(espsecure_py_cmd esptool_py ESPSECUREPY_CMD)
     if(CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES)
         add_custom_target(gen_unsigned_partition_bin ALL DEPENDS
                         "${build_dir}/partition_table/${unsigned_partition_bin}")
 
         add_custom_command(OUTPUT "${build_dir}/partition_table/${final_partition_bin}"
-            COMMAND ${ESPSECUREPY} sign_data --version 1 --keyfile "${SECURE_BOOT_SIGNING_KEY}"
+            COMMAND ${espsecure_py_cmd} sign_data --version 1 --keyfile "${SECURE_BOOT_SIGNING_KEY}"
             -o "${build_dir}/partition_table/${final_partition_bin}"
             "${build_dir}/partition_table/${unsigned_partition_bin}"
             DEPENDS "${build_dir}/partition_table/${unsigned_partition_bin}"
             VERBATIM)
     else()
-        string(REPLACE ";" " " espsecurepy "${ESPSECUREPY}")
+        string(REPLACE ";" " " espsecurepy "${espsecure_py_cmd}")
         add_custom_command(TARGET partition-table POST_BUILD
             COMMAND ${CMAKE_COMMAND} -E echo
                 "Partition table built but not signed. Sign partition data before flashing:"
diff --git a/examples/system/efuse/CMakeLists.txt b/examples/system/efuse/CMakeLists.txt
@@ -8,12 +8,13 @@ idf_build_set_property(MINIMAL_BUILD ON)
 project(efuse)
 
 idf_component_get_property(esptool_py_dir esptool_py COMPONENT_DIR)
+idf_component_get_property(espefuse_py_cmd esptool_py ESPEFUSEPY_CMD)
 set(efuse_names "MAC" "WR_DIS")
 add_custom_target(efuse-filter
     COMMAND ${CMAKE_COMMAND}
     -D "IDF_PATH=${IDF_PATH}"
     -D "esptool_py_dir=${esptool_py_dir}"
-    -D "ESPEFUSEPY=${ESPEFUSEPY}"
+    -D "ESPEFUSEPY=${espefuse_py_cmd}"
     -D "ESPEFUSEPY_OFFLINE=${CONFIG_IDF_CI_BUILD}" # Only for CI tests. Do not establish a connection with the chip
     -D "IDF_TARGET=${IDF_TARGET}"
     -D "efuse_names=${efuse_names}"
diff --git a/tools/cmake/project.cmake b/tools/cmake/project.cmake
@@ -948,9 +948,10 @@ macro(project project_name)
     # Add uf2 related targets
     idf_build_get_property(idf_path IDF_PATH)
     idf_build_get_property(python PYTHON)
+    idf_build_get_property(target IDF_TARGET)
 
     set(UF2_ARGS --json "${CMAKE_CURRENT_BINARY_DIR}/flasher_args.json")
-    set(UF2_CMD ${python} "${idf_path}/tools/mkuf2.py" write --chip ${chip_model})
+    set(UF2_CMD ${python} "${idf_path}/tools/mkuf2.py" write --chip ${target})
 
     add_custom_target(uf2
         COMMAND ${CMAKE_COMMAND}
diff --git a/tools/test_apps/security/secure_boot/main/CMakeLists.txt b/tools/test_apps/security/secure_boot/main/CMakeLists.txt
@@ -9,13 +9,16 @@ idf_component_register(SRCS "${main_src}" INCLUDE_DIRS ".")
 target_compile_options(${COMPONENT_LIB} PRIVATE "-Wno-format")
 
 if(CONFIG_EXAMPLE_TARGET_QEMU)
+    set(PROJECT_BIN "${CMAKE_PROJECT_NAME}")
     set(bootloader_unsigned_bin "bootloader-unsigned.bin")
     set(app_unsigned_bin "${PROJECT_BIN}-unsigned.bin")
 
+    idf_component_get_property(espsecure_py_cmd esptool_py ESPSECUREPY_CMD)
+
     add_custom_target(sign_bootloader ALL
         COMMAND ${CMAKE_COMMAND} -E copy "${CMAKE_BINARY_DIR}/bootloader/bootloader.bin"
         "${CMAKE_BINARY_DIR}/bootloader/${bootloader_unsigned_bin}"
-        COMMAND ${ESPSECUREPY} sign_data --version 2 --keyfile
+        COMMAND ${espsecure_py_cmd} sign_data --version 2 --keyfile
         ${PROJECT_DIR}/test/secure_boot_signing_key0.pem
         ${PROJECT_DIR}/test/secure_boot_signing_key1.pem
         ${PROJECT_DIR}/test/secure_boot_signing_key2.pem
@@ -29,14 +32,13 @@ if(CONFIG_EXAMPLE_TARGET_QEMU)
     add_dependencies(sign_bootloader bootloader)
 
     add_custom_target(sign_app ALL
-        COMMAND ${CMAKE_COMMAND} -E copy "${CMAKE_BINARY_DIR}/${PROJECT_BIN}"
+        COMMAND ${CMAKE_COMMAND} -E copy "${CMAKE_BINARY_DIR}/${PROJECT_BIN}.bin"
         "${CMAKE_BINARY_DIR}/${app_unsigned_bin}"
-        COMMAND ${ESPSECUREPY} sign_data --version 2 --keyfile
+        COMMAND ${espsecure_py_cmd} sign_data --version 2 --keyfile
         ${PROJECT_DIR}/test/secure_boot_signing_key1.pem
-        -o "${CMAKE_BINARY_DIR}/${PROJECT_BIN}"
+        -o "${CMAKE_BINARY_DIR}/${PROJECT_BIN}.bin"
         "${CMAKE_BINARY_DIR}/${app_unsigned_bin}"
-        COMMAND ${CMAKE_COMMAND} -E echo "Generated signed binary image ${CMAKE_BINARY_DIR}/${PROJECT_BIN}"
-        "from ${CMAKE_BINARY_DIR}/${app_unsigned_bin}"
+        COMMAND ${CMAKE_COMMAND} -E echo "Generated signed binary image ${CMAKE_BINARY_DIR}/${PROJECT_BIN}.bin"
         VERBATIM
         COMMENT "Generated the test-specific signed application")
 
